#include <stdio.h>
#include <stdlib.h>
#include <openssl/x509.h>
#include <openssl/pem.h>
#include <openssl/evp.h>

int main() {
    X509 *cert = NULL;
    EVP_PKEY *pubkey = NULL;
    FILE *file = NULL;
    int ret = 1;

    // 打开证书文件
    file = fopen("../../cert/rsa_server.pem", "r");
    if (!file) {
        fprintf(stderr, "Error: Failed to open certificate file\n");
        goto cleanup;
    }

    // 读取证书
    cert = PEM_read_X509(file, NULL, NULL, NULL);
    if (!cert) {
        fprintf(stderr, "Error: Failed to read certificate\n");
        goto cleanup;
    }

    // 获取证书公钥
    pubkey = X509_get_pubkey(cert);
    if (!pubkey) {
        fprintf(stderr, "Error: Failed to extract public key from certificate\n");
        goto cleanup;
    }

    // 验证证书签名
    if (X509_verify(cert, pubkey) != 1) {
        fprintf(stderr, "Error: Certificate signature verification failed\n");
        goto cleanup;
    }

    printf("Certificate signature verified successfully\n");
    ret = 0;

cleanup:
    if (file) fclose(file);
    if (cert) X509_free(cert);
    if (pubkey) EVP_PKEY_free(pubkey);

    return ret;
}

